Playground · Free · No signup
Scan your AI agent
in 60 seconds
Paste a public GitHub repo or agent endpoint URL. Nixer runs secrets, prompt injection, MCP probe, and fraud checks — then gives you a shareable report.
3 free scans/hour · Playground profile (secrets + prompt injection top-10 + MCP + auth-fuzz) · Full scans via CLI
What the playground scans
Secrets
API keys, tokens, DB passwords in source code
Prompt Injection
Top 10 live injection probes against your endpoint
MCP Probe
Exposed MCP server endpoints, unauthenticated tool access
Auth Fuzzing
Unauthenticated route access, missing rate limits
Cloud Misconfig
Missing security headers, CORS issues, exposed stack info
Model Supply-Chain
Pickle RCE, HuggingFace trust, ML package typosquats
Full scan runs all 6 modules with 300 probes and CI integration.
Get the CLI →
See what a real report looks like
15 findings across a full agent stack — prompt injection, hardcoded secrets, exposed MCP tools, and more.
View sample report →91
RISK
SCORE
SCORE
CRITICAL